
    Sandbox authentication errors in the Bitbucket WebHook support.

    Review Request #10982 — Created March 30, 2020 and submitted — Latest diff uploaded

    Information

    Review Board
    release-3.0.x

    Reviewers

    When handling an incoming Bitbucket WebHook in order to close review
    requests, we sometimes have to perform API requests to Bitbucket. This
    will be the case any time we have a "truncated" payload (the payload is
    valid but marks its commit metadata as truncated, requiring additional
    API calls).

    If the credentials have changed for the Bitbucket account, but they
    haven't been updated in Review Board, the WebHook handler will just
    crash, which isn't helpful on either end of that WebHook.

    This change sandboxes authentication errors, returning an HTTP 403
    Forbidden error with details to Bitbucket. This should help provide
    better information to the owners of the repository.

    Note that 403 Forbidden was chosen because it conveys an inability to
    handle the content without claiming that Bitbucket has provided
    something invalid, unlike error codes like 500 Internal Server Error
    (which typically indicates a crash or something that went unexpectedly
    wrong), 400 Bad Request (which indicates bad information in the
    request), or 401 Unauthorized (which indicates bad credentials in the
    request).

    Some tweaks to the Hosting Service unit testing support had to be made
    to allow for intercepting requests using the Django HTTP Test Client.
    These don't break any other unit tests.

    Unit tests pass.
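
The behaviour described above, as an added, framework-free Python example that is not Review Board's own code: a push handler that only calls the API for changes marked truncated and turns an authentication failure there into a 403 with an actionable message instead of a crash. `AuthorizationError`, `handle_push_webhook`, `fetch_commits`, the 400 path and the sample payload are assumptions made for illustration.

```python
import json


class AuthorizationError(Exception):
    """Hypothetical stand-in for the hosting service's auth failure."""


def handle_push_webhook(body, fetch_commits):
    """Return (http_status, result) for a Bitbucket-style push payload.
    fetch_commits(repo, change) is a hypothetical callable that performs the
    authenticated API request needed when a change is marked truncated.
    """
    try:
        payload = json.loads(body)
        repo = payload["repository"]["full_name"]
        changes = payload["push"]["changes"]
    except (ValueError, KeyError, TypeError):
        return 400, "Invalid payload"  # the sender's request really is bad

    hashes = []
    for change in changes:
        try:
            # Only truncated changes need an API call with stored credentials.
            commits = (fetch_commits(repo, change) if change.get("truncated")
                       else change.get("commits", []))
        except AuthorizationError:
            # Sandboxed: no traceback, no 500, no upstream error text echoed.
            return 403, ("Stored credentials for %s were rejected by the "
                         "hosting service; update them and redeliver." % repo)
        hashes.extend(c["hash"] for c in commits)
    return 200, hashes


# Constructed sample payload (simplified; not a captured delivery).
SAMPLE = json.dumps({
    "repository": {"full_name": "team/repo"},
    "push": {"changes": [
        {"truncated": False, "commits": [{"hash": "a1"}]},
        {"truncated": True, "commits": [{"hash": "b2"}]},
    ]},
})


def fetch_ok(repo, change):
    return [{"hash": "b2"}, {"hash": "c3"}]


def fetch_stale(repo, change):
    raise AuthorizationError("401 from API")
```

A payload with no truncated changes never reaches `fetch_commits`, so it still succeeds while the stored credentials are stale.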
